
CISA Warns of Actively Exploited Joomla Zero-Day Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-48939 and CVE-2026-56291 to its Known Exploited Vulnerabilities (KEV) catalog after reports confirmed active zero-day attacks targeting the iCagenda and Balbooa extensions for Joomla. Both flaws carry the maximum CVSS severity score of 10.0 and can allow attackers to upload malicious files that ultimately lead to remote code execution.
CVE-2026-48939 in iCagenda and CVE-2026-56291 in Balbooa Actively Exploited
According to the cloud-based website management platform, mySites.guru, CVE-2026-48939 has been exploited in automated attacks since June 15, 2026. The vulnerability affects the iCagenda Joomla ext...